The security framework of Fed4IoT

The high number of IoT devices, and also their availability through the Internet, has made the topic of IoT virtualisation an emerging topic, which has gained a lot of interest from both academia and industry points of view. Fed4IoT is an H2020 EU-JPN Research Project, whose aim is precisely this one. Nevertheless, security, and more specifically authorisation or access control is a fundamental aspect that must be addressed, motivated by the increase of threats and attacks that the IoT domain has suffered. In this paper we propose the use of a distributed authorisation mechanism based on DCapBAC technology, to specifically deal with the IoT virtualisation aspect, in the scope of this project. This technology has proven its validity in the IoT domain because of its distributed nature and the flexibility of their authorisation policies.